#include <ssl.h>

Collaboration diagram for mbedtls_ssl_context:

[legend]

Data Fields
const mbedtls_ssl_config *	private_conf

int	private_state

uint32_t	private_flags

int	private_renego_status

int	private_renego_records_seen

mbedtls_ssl_protocol_version	private_tls_version

int	private_early_data_state

unsigned	private_badmac_seen

int(*	private_f_vrfy )(void , mbedtls_x509_crt , int, uint32_t *)

void *	private_p_vrfy

mbedtls_ssl_send_t *	private_f_send

mbedtls_ssl_recv_t *	private_f_recv

mbedtls_ssl_recv_timeout_t *	private_f_recv_timeout

void *	private_p_bio

mbedtls_ssl_session *	private_session_in

mbedtls_ssl_session *	private_session_out

mbedtls_ssl_session *	private_session

mbedtls_ssl_session *	private_session_negotiate

mbedtls_ssl_handshake_params *	private_handshake

mbedtls_ssl_transform *	private_transform_in

mbedtls_ssl_transform *	private_transform_out

mbedtls_ssl_transform *	private_transform

mbedtls_ssl_transform *	private_transform_negotiate

mbedtls_ssl_transform *	private_transform_application

void *	private_p_timer

mbedtls_ssl_set_timer_t *	private_f_set_timer

mbedtls_ssl_get_timer_t *	private_f_get_timer

unsigned char *	private_in_buf

unsigned char *	private_in_ctr

unsigned char *	private_in_hdr

unsigned char *	private_in_cid

unsigned char *	private_in_len

unsigned char *	private_in_iv

unsigned char *	private_in_msg

unsigned char *	private_in_offt

int	private_in_msgtype

size_t	private_in_msglen

size_t	private_in_left

size_t	private_in_buf_len

uint16_t	private_in_epoch

size_t	private_next_record_offset

uint64_t	private_in_window_top

uint64_t	private_in_window

size_t	private_in_hslen

size_t	private_in_hsfraglen

int	private_nb_zero

int	private_keep_current_message

unsigned char	private_send_alert

unsigned char	private_alert_type

int	private_alert_reason

uint8_t	private_disable_datagram_packing

uint8_t	private_discard_early_data_record

uint32_t	private_total_early_data_size

unsigned char *	private_out_buf

unsigned char *	private_out_ctr

unsigned char *	private_out_hdr

unsigned char *	private_out_cid

unsigned char *	private_out_len

unsigned char *	private_out_iv

unsigned char *	private_out_msg

int	private_out_msgtype

size_t	private_out_msglen

size_t	private_out_left

size_t	private_out_buf_len

unsigned char	private_cur_out_ctr [MBEDTLS_SSL_SEQUENCE_NUMBER_LEN]

uint16_t	private_mtu

char *	private_hostname

const char *	private_alpn_chosen

mbedtls_dtls_srtp_info	private_dtls_srtp_info

unsigned char *	private_cli_id

size_t	private_cli_id_len

int	private_secure_renegotiation

size_t	private_verify_data_len

char	private_own_verify_data [MBEDTLS_SSL_VERIFY_DATA_MAX_LEN]

char	private_peer_verify_data [MBEDTLS_SSL_VERIFY_DATA_MAX_LEN]

unsigned char	private_own_cid [MBEDTLS_SSL_CID_IN_LEN_MAX]

uint8_t	private_own_cid_len

uint8_t	private_negotiate_cid

mbedtls_ssl_export_keys_t *	private_f_export_keys

void *	private_p_export_keys

mbedtls_ssl_user_data_t	private_user_data

Detailed Description

Definition at line 1583 of file ssl.h.

Field Documentation

int mbedtls_ssl_context::private_alert_reason

The error code to be returned to the user once the fatal alert has been sent.

Definition at line 1740 of file ssl.h.

unsigned char mbedtls_ssl_context::private_alert_type

Type of alert if send_alert != 0

Definition at line 1738 of file ssl.h.

const char* mbedtls_ssl_context::private_alpn_chosen

negotiated protocol

Definition at line 1798 of file ssl.h.

unsigned mbedtls_ssl_context::private_badmac_seen

records with a bad MAC received

Definition at line 1631 of file ssl.h.

unsigned char* mbedtls_ssl_context::private_cli_id

transport-level ID of the client

Definition at line 1812 of file ssl.h.

size_t mbedtls_ssl_context::private_cli_id_len

length of cli_id

Definition at line 1813 of file ssl.h.

const mbedtls_ssl_config* mbedtls_ssl_context::private_conf

configuration information

Definition at line 1584 of file ssl.h.

unsigned char mbedtls_ssl_context::private_cur_out_ctr[MBEDTLS_SSL_SEQUENCE_NUMBER_LEN]

Outgoing record sequence number.

Definition at line 1783 of file ssl.h.

uint8_t mbedtls_ssl_context::private_disable_datagram_packing

Disable packing multiple records within a single datagram.

Definition at line 1745 of file ssl.h.

uint8_t mbedtls_ssl_context::private_discard_early_data_record

Definition at line 1757 of file ssl.h.

mbedtls_dtls_srtp_info mbedtls_ssl_context::private_dtls_srtp_info

Definition at line 1805 of file ssl.h.

int mbedtls_ssl_context::private_early_data_state

State of the negotiation and transfer of early data. Reset to MBEDTLS_SSL_EARLY_DATA_STATE_IDLE when the context is reset.

Definition at line 1628 of file ssl.h.

mbedtls_ssl_export_keys_t* mbedtls_ssl_context::private_f_export_keys

Callback to export key block and master secret

Definition at line 1844 of file ssl.h.

mbedtls_ssl_get_timer_t* mbedtls_ssl_context::private_f_get_timer

get timer callback

Definition at line 1687 of file ssl.h.

mbedtls_ssl_recv_t* mbedtls_ssl_context::private_f_recv

Callback for network receive

Definition at line 1640 of file ssl.h.

mbedtls_ssl_recv_timeout_t* mbedtls_ssl_context::private_f_recv_timeout

Callback for network receive with timeout

Definition at line 1641 of file ssl.h.

mbedtls_ssl_send_t* mbedtls_ssl_context::private_f_send

Callback for network send

Definition at line 1639 of file ssl.h.

mbedtls_ssl_set_timer_t* mbedtls_ssl_context::private_f_set_timer

set timer callback

Definition at line 1686 of file ssl.h.

int(* mbedtls_ssl_context::private_f_vrfy)(void *, mbedtls_x509_crt *, int, uint32_t *)

Callback to customize X.509 certificate chain verification

Definition at line 1635 of file ssl.h.

uint32_t mbedtls_ssl_context::private_flags

Mask of MBEDTLS_SSL_CONTEXT_FLAG_XXX. See mbedtls_ssl_context_flags_t in ssl_misc.h.

This field is not saved by mbedtls_ssl_session_save().

Definition at line 1596 of file ssl.h.

mbedtls_ssl_handshake_params* mbedtls_ssl_context::private_handshake

params required only during the handshake process

Definition at line 1654 of file ssl.h.

char* mbedtls_ssl_context::private_hostname

expected peer CN for verification (and SNI if available)

Definition at line 1793 of file ssl.h.

unsigned char* mbedtls_ssl_context::private_in_buf

input buffer

Definition at line 1692 of file ssl.h.

size_t mbedtls_ssl_context::private_in_buf_len

length of input buffer

Definition at line 1710 of file ssl.h.

unsigned char* mbedtls_ssl_context::private_in_cid

The start of the CID; (the end is marked by in_len).

Definition at line 1698 of file ssl.h.

unsigned char* mbedtls_ssl_context::private_in_ctr

64-bit incoming message counter TLS: maintained by us DTLS: read from peer

Definition at line 1693 of file ssl.h.

uint16_t mbedtls_ssl_context::private_in_epoch

DTLS epoch for incoming records

Definition at line 1713 of file ssl.h.

unsigned char* mbedtls_ssl_context::private_in_hdr

start of record header

Definition at line 1696 of file ssl.h.

size_t mbedtls_ssl_context::private_in_hsfraglen

accumulated length of hs fragments (up to in_hslen)

Definition at line 1724 of file ssl.h.

size_t mbedtls_ssl_context::private_in_hslen

current handshake message length, including the handshake header

Definition at line 1722 of file ssl.h.

unsigned char* mbedtls_ssl_context::private_in_iv

ivlen-byte IV

Definition at line 1702 of file ssl.h.

size_t mbedtls_ssl_context::private_in_left

amount of data read so far

Definition at line 1708 of file ssl.h.

unsigned char* mbedtls_ssl_context::private_in_len

two-bytes message length field

Definition at line 1701 of file ssl.h.

unsigned char* mbedtls_ssl_context::private_in_msg

message contents (in_iv+ivlen)

Definition at line 1703 of file ssl.h.

size_t mbedtls_ssl_context::private_in_msglen

record header: message length

Definition at line 1707 of file ssl.h.

int mbedtls_ssl_context::private_in_msgtype

record header: message type

Definition at line 1706 of file ssl.h.

unsigned char* mbedtls_ssl_context::private_in_offt

read offset in application data

Definition at line 1704 of file ssl.h.

uint64_t mbedtls_ssl_context::private_in_window

bitmask for replay detection

Definition at line 1719 of file ssl.h.

uint64_t mbedtls_ssl_context::private_in_window_top

last validated record seq_num

Definition at line 1718 of file ssl.h.

int mbedtls_ssl_context::private_keep_current_message

drop or reuse current message on next call to record layer?

Definition at line 1728 of file ssl.h.

uint16_t mbedtls_ssl_context::private_mtu

path mtu, used to fragment outgoing messages

Definition at line 1786 of file ssl.h.

int mbedtls_ssl_context::private_nb_zero

of 0-length encrypted messages

Definition at line 1726 of file ssl.h.

uint8_t mbedtls_ssl_context::private_negotiate_cid

This indicates whether the CID extension should be negotiated in the next handshake or not. Possible values are MBEDTLS_SSL_CID_ENABLED and MBEDTLS_SSL_CID_DISABLED.

Definition at line 1837 of file ssl.h.

size_t mbedtls_ssl_context::private_next_record_offset

offset of the next record in datagram (equal to in_left if none)

Definition at line 1714 of file ssl.h.

unsigned char* mbedtls_ssl_context::private_out_buf

output buffer

Definition at line 1765 of file ssl.h.

size_t mbedtls_ssl_context::private_out_buf_len

length of output buffer

Definition at line 1780 of file ssl.h.

unsigned char* mbedtls_ssl_context::private_out_cid

The start of the CID; (the end is marked by in_len).

Definition at line 1769 of file ssl.h.

unsigned char* mbedtls_ssl_context::private_out_ctr

64-bit outgoing message counter

Definition at line 1766 of file ssl.h.

unsigned char* mbedtls_ssl_context::private_out_hdr

start of record header

Definition at line 1767 of file ssl.h.

unsigned char* mbedtls_ssl_context::private_out_iv

ivlen-byte IV

Definition at line 1773 of file ssl.h.

size_t mbedtls_ssl_context::private_out_left

amount of data not yet written

Definition at line 1778 of file ssl.h.

unsigned char* mbedtls_ssl_context::private_out_len

two-bytes message length field

Definition at line 1772 of file ssl.h.

unsigned char* mbedtls_ssl_context::private_out_msg

message contents (out_iv+ivlen)

Definition at line 1774 of file ssl.h.

size_t mbedtls_ssl_context::private_out_msglen

record header: message length

Definition at line 1777 of file ssl.h.

int mbedtls_ssl_context::private_out_msgtype

record header: message type

Definition at line 1776 of file ssl.h.

unsigned char mbedtls_ssl_context::private_own_cid[MBEDTLS_SSL_CID_IN_LEN_MAX]

The next incoming CID, chosen by the user and applying to all subsequent handshakes. This may be different from the CID currently used in case the user has re-configured the CID after an initial handshake.

Definition at line 1835 of file ssl.h.

uint8_t mbedtls_ssl_context::private_own_cid_len

The length of own_cid.

Definition at line 1836 of file ssl.h.

char mbedtls_ssl_context::private_own_verify_data[MBEDTLS_SSL_VERIFY_DATA_MAX_LEN]

previous handshake verify data

Definition at line 1824 of file ssl.h.

void* mbedtls_ssl_context::private_p_bio

context for I/O operations

Definition at line 1644 of file ssl.h.

void* mbedtls_ssl_context::private_p_export_keys

context for key export callback

Definition at line 1845 of file ssl.h.

void* mbedtls_ssl_context::private_p_timer

context for the timer callbacks

Definition at line 1684 of file ssl.h.

void* mbedtls_ssl_context::private_p_vrfy

context for X.509 verify callback

Definition at line 1636 of file ssl.h.

char mbedtls_ssl_context::private_peer_verify_data[MBEDTLS_SSL_VERIFY_DATA_MAX_LEN]

previous handshake verify data

Definition at line 1825 of file ssl.h.

int mbedtls_ssl_context::private_renego_records_seen

Records since renego request, or with DTLS, number of retransmissions of request if renego_max_records is < 0

Definition at line 1600 of file ssl.h.

int mbedtls_ssl_context::private_renego_status

Initial, in progress, pending?

Definition at line 1599 of file ssl.h.

int mbedtls_ssl_context::private_secure_renegotiation

does peer support legacy or secure renegotiation

Definition at line 1820 of file ssl.h.

unsigned char mbedtls_ssl_context::private_send_alert

Determines if a fatal alert should be sent. Values:

0 , no alert is to be sent.
1 , alert is to be sent.

Definition at line 1734 of file ssl.h.

mbedtls_ssl_session* mbedtls_ssl_context::private_session

negotiated session data

Definition at line 1651 of file ssl.h.

mbedtls_ssl_session* mbedtls_ssl_context::private_session_in

current session data (in)

Definition at line 1649 of file ssl.h.

mbedtls_ssl_session* mbedtls_ssl_context::private_session_negotiate

session data in negotiation

Definition at line 1652 of file ssl.h.

mbedtls_ssl_session* mbedtls_ssl_context::private_session_out

current session data (out)

Definition at line 1650 of file ssl.h.

int mbedtls_ssl_context::private_state

SSL handshake: current state

Definition at line 1589 of file ssl.h.

mbedtls_ssl_protocol_version mbedtls_ssl_context::private_tls_version

Maximum TLS version to be negotiated, then negotiated TLS version.

It is initialized as the configured maximum TLS version to be negotiated by mbedtls_ssl_setup().

When renegotiating or resuming a session, it is overwritten in the ClientHello writing preparation stage with the previously negotiated TLS version.

On client side, it is updated to the TLS version selected by the server for the handshake when the ServerHello is received.

On server side, it is updated to the TLS version the server selects for the handshake when the ClientHello is received.

Definition at line 1621 of file ssl.h.

uint32_t mbedtls_ssl_context::private_total_early_data_size

Number of received/written early data bytes

Definition at line 1759 of file ssl.h.

mbedtls_ssl_transform* mbedtls_ssl_context::private_transform

negotiated transform params This pointer owns the transform it references.

Definition at line 1666 of file ssl.h.

mbedtls_ssl_transform* mbedtls_ssl_context::private_transform_application

The application data transform in TLS 1.3. This pointer owns the transform it references.

Definition at line 1678 of file ssl.h.

mbedtls_ssl_transform* mbedtls_ssl_context::private_transform_in

current transform params (in) This is always a reference, never an owning pointer.

Definition at line 1660 of file ssl.h.

mbedtls_ssl_transform* mbedtls_ssl_context::private_transform_negotiate

transform params in negotiation This pointer owns the transform it references.

Definition at line 1670 of file ssl.h.

mbedtls_ssl_transform* mbedtls_ssl_context::private_transform_out

current transform params (out) This is always a reference, never an owning pointer.

Definition at line 1663 of file ssl.h.

mbedtls_ssl_user_data_t mbedtls_ssl_context::private_user_data

User data pointer or handle.

The library sets this to 0 when creating a context and does not access it afterwards.

Warning: Serializing and restoring an SSL context with mbedtls_ssl_context_save() and mbedtls_ssl_context_load() does not currently restore the user data.

Definition at line 1856 of file ssl.h.

size_t mbedtls_ssl_context::private_verify_data_len

length of verify data stored

Definition at line 1823 of file ssl.h.

The documentation for this struct was generated from the following file:

ssl.h

Data Fields

Detailed Description

Field Documentation

of 0-length encrypted messages